| CVE | Vendors | Products | Updated | CVSS v3.1 |
| Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. |
| The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login. |
| Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. |
| Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter. |
| CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string. |
| Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges. |
| The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. |
| catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file. |
| A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place. |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. |
| Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption). |
| rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. |
| in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS. |
| The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop). |
| Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors. |
| The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. |
| The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations. |
| Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code. |
| Unspecified vulnerability in System Communications Services 6 Delegated Administrator 2005Q1 in Sun Java System Messaging Server 2005Q1 allows remote attackers to obtain the Top-Level Administrator (TLA) default password via unknown vectors, possibly involving configure_toplevel_admin.ldif. |
| Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082. |